Use of these functions is encouraged for almost all random number consumption
because the other interfaces are deficient in either quality, portability,
standardization, or availability. These functions can be called in almost all
coding environments, including
pthreads(3) and
chroot(2).

High quality 32-bit pseudo-random numbers are generated very quickly. On each
call, a cryptographic pseudo-random number generator is used to generate a new
result. One data pool is used for all consumers in a process, so that
consumption under program flow can act as additional stirring. The subsystem
is re-seeded from the kernel random number subsystem using
getentropy(2) on a regular
basis, and also upon fork(2).

arc4random_uniform() will return a single
32-bit value, uniformly distributed but less than
upper_bound. This is recommended over
constructions like “arc4random() %
upper_bound” as it avoids "modulo bias" when the upper
bound is not a power of two. In the worst case, this function may consume
multiple iterations to ensure uniformity; see the source code to understand
the problem and solution.

The original version of this random number generator used the RC4 (also known as
ARC4) algorithm. In OpenBSD 5.5 it was replaced with
the ChaCha20 cipher, and it may be replaced again in the future as
cryptographic techniques advance. A good mnemonic is “A Replacement
Call for Random”.